Just for an extra step to the security.. How can I check/detect if a user has manually changed a cookie value?

Is there some easy way of doing this? Or do I have to set an extra Session variable and match it up with that? With this being said, is a normal ASP.Net Session traceable by the browser? And viewable to the user?

Why don't you encrypt the cookie value. That way it is tough for the user to actually change it correctly. Like the previous answer mentions, if it is really sensitive, cookie is not the place to store it but encryption gives you a little bit more protection.

Encrypting isn't enough - you can change the values and it won't be detected (although decryption may fail, and of course the user is making blind changes) - you must also sign the cookie, as Bill Brasky suggests.
–
blowdartJul 27 '11 at 13:48

really brother, i don't think this answer deserves a downvote. check this answer out, it is an option. it depends on what your intentions are. May be encryption will work for his purpose. stackoverflow.com/questions/523629/…
–
coder netJul 27 '11 at 13:52